Information System Security Officer

🕒 il y a 9 mois

🇺🇸 États-Unis – Télétravail

💵 $119 813 - $189 000 / an

⏰ Temps Plein

🟠 Senior

🔴 Expert

👮‍♂️ Cybersécurité / Ingénieur Sécurité

🦅 Parrain de Visa H1B

Cette entreprise a parrainé des visas H1B par le passé.

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

LMI

Site WebLinkedInTous les Emplois

1001 - 5000 employés

Fondée en 1961

🤖 Intelligence artificielle

⚕️ Assurance santé

🏛️ Gouvernement

Artificial Intelligence • Healthcare Insurance • Government

LMI est une entreprise tournée vers l'avenir qui se concentre sur la réinvention du chemin de l'insight au résultat à travers des solutions innovantes dans divers secteurs, y compris l'IA appliquée et la santé numérique. Ils fournissent des analyses avancées, un support d'ingénierie et une optimisation des performances dans les marchés de la défense, de la santé et des marchés civils, avec un fort engagement à améliorer l'efficacité de la mission pour les clients gouvernementaux. Avec un accent sur la collaboration et la recherche, LMI vise à favoriser un changement positif grâce à ses capacités et partenariats diversifiés.

Description

• Acquire and manage all necessary documentation/artifacts, including cybersecurity support and resources, to support IT cybersecurity goals and objectives from a risk management perspective. • Advise senior management on system risk levels and cybersecurity posture for cloud-based environments • Assist in the deployment, architecture and configuration of security controls of deployed systems with Cloud Architects • Ensure that developed systems and architectures are consistent with all applicable DHS cybersecurity policies and guidelines. • Perform Assessment and Authorization (A&A) cybersecurity reviews, identify gaps, and support risk management plans for cybersecurity personnel to execute. • Provide input on cybersecurity requirements and collect and maintain data needed to meet system cybersecurity compliance reporting. • Provide subject matter expertise for Risk Management Framework (RMF) activities and related documentation to support system accreditation / Authority to Operate (ATO) requirements. • Interpret noncompliance to determine the impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program. • Track audit findings and recommendations to ensure that appropriate mitigation actions are taken. • Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs). • Coordinate with geographically-distributed, multi-discipline teams to ensure compliance with all applicable requirements for cybersecurity are addressed. • Ensure that plans of action and milestones (POAM) or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. and support necessary remediation/compliance activities. • Participate in recurring cybersecurity working group meetings. • Oversee and manage A&A activities to support their respective systems and security activities. • Work with program ISSOs and ISSMs to effectively aggregate technical details for government leadership including the cybersecurity lead, project managers, program managers to facilitate succinct and effective risk discussions and provide understanding of respective program risks. • Provide security support and evaluation to development teams to integrate information assurance/cyber security and remediate vulnerabilities throughout the System Life Cycle Development. • Lead the development, review and management of system Assess and Authorize documentation to ensure it is compliant with RMF standards. • Develop guidance and assists associates through the RMF phases. • Participate in ATT and ATO activities • Support the organization's program that implements information systems security technology and procedures. • Review DHS policy and develop local policy and procedures that implement the DHS Cybersecurity subprograms and initiatives. • Create and submit Plan of Actions & Milestones (POA&M) for review and approval by the Authorizing Official (AO)

🎯 Exigences

• Bachelor's degree in a related field or equivalent experience • 8+ years demonstrated SP 800-37 RMF, NIST 800.53 experience • Familiarity with cybersecurity tools such as Aquasec and Sonar Qube • Must possess a Security + certification • Experience developing or ensuring development adheres to cybersecurity requirements and best practices (e.g., NIST controls) • Familiarity with commercial off-the-shelf solutions for specific security capabilities • DHS/CBP background investigation highly preferred • Exposure to AWS, Azure and Google Cloud • Host Base Security System (HBSS), Tenable Nessus Vulnerability Assessment, EMASS

🏖️ Avantages

• Equal Opportunity Employer